Brute Force Dictionary Attacks

I am getting several failed logon attempts, indicating someone is attempting to brute-force our system with a dictionary-style attack. What is the best way to prevent this? How do I prevent attempted logons from outside our domain?

Check event log and see which computer the failed logons are coming from. You will be suprised how many times users create mapped drive which they logon with different accounts and configure the mapping to be permanent. Before thinking it is brute force, analyze your logs first.

WatchGuard is currently running a beta program for our new macOS Host Sensor for our Threat Detection and Response service. We're looking for more macOS users to help provide insight and feedback to help us make the product even better. Please sign up for our beta program today!